Over the years, Google has been shoring up security on Android in a bid to make the operating system more attractive to governments and businesses, and to reduce the threat of malware for regular users. Unfortunately, these changes often come at the expense of flexibility in our beloved platform. As we close in on the next major release of Android, due to be announced next month, SuperSU developer Chainfire has discovered a set of commits to the Android Open Source Project (AOSP) that may seriously impact some of the functionality currently enjoyed by many root users. In a post on Google+, he describes how a set of recent changes to the SELinux implementation will completely cut off write access to system to anything but recovery.

In a commit appearing earlier today in AOSP, the SELinux implementation is set to remove a fairly important aspect for many root apps: the ability to write to the /system partition. The new policy strictly mounts /system as read-only in any context other than recovery, which is allowed write access for the purpose of applying OTA updates.

Implications

The implications of this policy are pretty straight-forward: any app with a need to modify the contents of the /system partition will have to do so by constructing a flashable zip file, instructing the phone to reboot into recovery to flash the zip, then rebooting back into the regular OS. This process will rely on a custom recovery like TWRP or ClockworkMod to flash unsigned zip files. Obviously, this process isn't as seamless and may ultimately interfere with the way some apps operate, especially if they make regular changes for any reason. Chainfire notes that there may be a way to restore write access via a simple mod flashed through recovery, but it's a loophole that that the Android team is already aware of, so it may be fixed fairly soon.

Quite a few root apps are based entirely around write access to /system while many don't need it at all, and there are plenty that fall in between. Backup utilities like Titanium Backup will go on largely unaffected since they primarily work with /data, and only touch /system if the user is restoring the apk of a system app. Modding tools like Xposed and Cydia Substrate already require a restart to install low-level components, but this will also impact many of the modules written for each framework. Unfortunately, File managers like Total Commander and Root Explorer, which are often used for making small adjustments to system configuration files, will require more involved updates and mandatory restarts to continue to fill that role. Don't worry, other apps like Greenify should be completely unaffected.

It's important to note that there is no change regarding the ability to read system files.

Nothing Is Official, Yet

These changes were only just posted to AOSP in the last couple of days, and the oldest of them was written barely over one week ago. Therefore, no device is officially running with these modifications yet. It has also been confirmed that the latest build of 4.4.3 for the Moto X is not affected, suggesting that these changes will not appear in other official releases, if 4.4.3 is even publicly distributed.

It's technically possible, albeit unlikely, that this implementation has been posted for testing purposes and may never make it into an officially shipping, consumer-oriented firmware. Of course, the mere fact it has been merged into the Master branch on AOSP suggests that we're looking at the future of Android. It's also worth pointing out that many of the recent SELinux patches come directly from Stephen Smalley, an employee of the NSA and one of the developers responsible for porting the SELinux project to Android.

Manufacturers will probably have the option to disable this policy, assuming they aren't partnered with Google and the policy doesn't become a part of CTS certification, but many will choose to include it simply for improved security. No doubt, there will be some custom ROMs built to re-enable write access for /system, but those will probably fade out over time.

Due to the timing of these modifications, this implementation could possibly go into effect with Android 4.5/5.0. Of course, we're getting pretty close to Google I/O, so it's entirely possible we won't see it until a maintenance release, or even the next major version.

In Closing

The sky isn't falling, at least, not yet. Sealing up write access to /system is a massive improvement to the security of our devices. In fact, this closes up one of the biggest remaining vulnerabilities in Android, and perhaps the single most important target for malware developers. Unfortunately, this will also add a bit of inconvenience to a few of the handy tools and hacks that many of us use. In the grand scheme of things, it's a worthwhile trade.

Comments

They never said Xposed is fucked, only that some modules may be affected (assuming this change is going to make it into the actual release).

ih8legal

Not the framework itself no. But a bunch of the modules like gravitybox will have a hard time coding around this or require a reboot for every minuscule change.

Björn Lundén

Does Gravitybox really write to /system though? To me it seems to be mostly about modifying code on-the-fly, something that is unaffected by the mentioned changes.

Looking at the source code for Gravitybox (https://github.com/GravityBox/GravityBox/tree/kitkat), it doesn't write anything to /system as far as I can see. It reads from /system a few times but that's it. In other words it should be completely unaffected by this change.

Feel free to describe what it writes to /system in case I've missed somehting as I'd be interested to find out. Until you do, please stop spreading FUD.

GingerGravityBox

You can install xposed framework + gravitybox and then unroot your phone with gravitybox still 100% functioning. Read the OP at XDA.

Seems to me like the solution is to build a rom and leave out SELinux.

deltatux

That will serverely degrade Android's security subsystems. That's like running around town with all your money in a bag open to anyone to steal from.

Paul

Since today we all run in the town more and more times, i don't see the problem, i hate this sh*t, good luck with the backdoor, and i rember you Android is open, so i don't like this type of changes because i want to personalize anythings of The system

Björn Lundén

No. At most you'd just revert a commit or two.

Steve Secor

Eh, I haven't had root for over a year. Not a big deal to me.

BigTimmay

I've always had root, and this is a big deal to me.

namesib

Exactly. It's the first thing I do when I get a new phone. There's no way I'm running my device without things like Android Firewall, XPrivacy, AdAway, etc.

CoreRooted

However, that is a large reason for Google to commit changes like this. Without a rw /system partition, malicious apps have less of an opportunity to compromise the device.

Also, things like ad blockers and firewalls can still function with a reboot into recovery. How often do you really update your hosts files and/or ipchains tables?

Björn Lundén

Have you actually check which of the root apps you use actually need to write to /system? I'm guessing it's less common than you think.

Matthew Fry

Well they're definitely wrong about it not affecting Titanium Backup users. The biggest use of TB (for me) is to freeze apps and you can't do that without system.

Björn Lundén

Isn't "freezing" an app in TB exactly the same as disabling it through settings -> apps? I never found a difference from the system's point of view.

I haven't had root since my HTC One, since then I haven't rooted my HTC One M8 or One max, I just have no need for it since my first android phone, no need to even unlock my bootloader.

Andrew Brandel

Whatever, Steve.

Steve Secor

Trollolol. :D

Anotherworld

They should give us choices..if I want to risk my security on phones that is my problem.

SSDROiD

Google has to think about the average Android user, but make it as customizable as possible. Root access and anything in those yards are good for a specific group of people, but the majority does not root their phone. Google needs to protect the regular users while still trying to give you as many options as possible. Quite frankly, I'm satisfied just being able to change a launcher or keyboard. We shouldn't demand too much. That, sadly, is how the business world works.

Anotherworld

Yeah but there is a shit load of apps in the market place that requires root..they will screw alot of developers that way.

SSDROiD

That's probably true. I bet Google has something planned, though.

Björn Lundén

But most of those apps don't need to write to /system. Most of them use root either to access stuff on /data or to perform actions for which there are currently no built-in permissions to allow them access to, none of which requires write access to /system.

Daniel Collins

If this breaks xposed, then some devs will lose their livelihood.

Björn Lundén

Most Xposed modules don't seem to write to /system so until someone produces some verifiable evidence of a large number of modules breaking that is still just FUD.

See my comment further down about Gravitybox (tl;dr: it should be unaffected).

Daniel Collins

I think the Xposed framework itself does, in order for it to inject code at boot time.

Björn Lundén

Yes, it does. However that already uses the custom recovery method so it would continue to work, unaffected by this change.

Tj Hariharan

You know what is really weird is that people are jumping immediately on how this change will affect Xposed (an understandable reaction) while (at least from my experience) there was SIGNIFICANTLY less amount of hoo-ha'ing in articles about ART. I'm aware that now the dev has said he would def. be updating for ART soon enough, but just saying, at the time it was way more likely for ART to break xposed...it's odd that there's more cry out here...

And those could easily be changed to flash the updated /etc/hosts file from recovery. Is a reboot once a month when you update the list of "blocked" hosts really such a hassle?

Guest

How do you write over /system without root?

Daniel Collins

EXACTLY. How will this improve security for non-root users if it restricts a root app's abilities?

Jad

Some malware can root your phone while you are running the system. There is one turnaround I remember people taking about which crashes security programmes in the system and then root it. So a malware can have access to the system even if a regular user hasn't rooted their phone. So that's a good security measurement from Google. It can still be cracked via recovery though. So there must be a custom ROM that has the same features and the same ui as the stock ROM except that it permits access to system. But when you flash such a ROM (all custom ROMs), you are responsible in removing the security.

MangoMem

I'm wondering the same thing. Presumably ordinary government or enterprise customers wouldn't have root access anyhow -- just system admins, I would think. So are they trying to tell admins how to do their jobs, or what?

Tassadar

You don't. This is blocking some of the root exploits/malware which gain root through some vulnerability in Android, remount /system as R/W and copy su binaries to /system. So, with these changes, you can't get permanent root from Android, you need to do that in custom recovery or by flashing modified kernel (-> you need unlocked bootloader).

Daniel Collins

But how does this improve security???? Non-root apps can't access the /system partition, can they?

Ian Santopietro

Nothing can modify /system unless it remounts it Read/Write. You can't do _that_ without root, but a root app still can't necessarily modify it either.

Although, anything can read from it, but that isn't a security vulnerability if you can't modify anything.

Ian Santopietro

Erm...

Maybe I'm mistaken here but Android boots with /system set to Read-Only already. If you don't have root, there's no way to remount it to Read/Write in the first place. In that sense, it doesn't matter what SELinux stuff is running on the phone, that will prevent modifications to /system on an unrooted device.

Entitled? Fuck yes, I'm entitled to do whatever I want with things I own. If I wanted some patronizing corporate patriarch telling me what I could and could not do with my phone, I'd buy an iPhone.

Evan Cm

Yeah, back up a sec. You are freaking out over the changes to root, which I admit would upset me too if it ends up severely breaking root functions permanently.

Overall, though, Google has to take steps to strengthen platform security as a whole. Let's wait until the final product comes out before rushing to judgement, thus far Google has kept a great balance between improving Android as a product and supporting the community. Let's see if they continue to maintain that balance before ranting about the end of the world.

Serge Cebrian

basicaly this will try to prevent when some malwares try to get root rights. for non root users..

MyLeftNut

I love this mini rant because even at it's most basic it's not a right afforded to you. Just try selling your body or committing suicide or even structurally modifying your house with getting city approval. I think you'll find very quickly that just because you "own" something doesn't mean jack shit when it comes to what you can do with.

Besides, they're not being patronizing. Openness and security are not mutually exclusive. The greater the former the less of the latter. I have rooted every phone that I have ever owned and I'm also a bit miffed but great developers will always find a way to allow those who choose to mess around with root to do so freely. I don't have the skills but there's always someone out there who does.

Ian Santopietro

What they're planning on doing doesn't affect the security of a non-rooted phone, where /system is already mounted Read-Only.

czr

Lol imo That rant is true the whole idea of android is to do what we want when we want with our phone and not Have to wait for someone to find a vunerability in the software to do so thats what apple is for. Also u can do what ever u want with ur own stuff except when it puts others in harms way hence permits for housing projects that is a null argument. U might as well compare apples and say oranges or android lol

I'm sorry, when did the idea of Android become "the user can do whatever they want with their phone"?

CasperTFG

When you used your money and purchased it. You can't modify what you own? Google can work dubiously with snoopy snooperton, us buyers will go elsewhere.

CasperTFG

Man the NSA is strooong in this one. The tradeoff argument is old. You can have security and customization without an untrustworthy government agency intent on expanding its snooping capabilities.

This isn't South Sudan, this is them United States - we improvise, adapt, overcome. Got that Faggety.

A property owner with no covenant (cluster, association or city council) is unencumbered to make modifications. Where talking about the ability for some of us with root to have another level of privacy... not successfully off ourselves.

smeddy

I'm not for fragmentation, but I wouldn't mind a consumer branch and a corporate branch. Or a Dev Option in Preferences to turn this off. I know these are both pipe dreams but Android's biggest strength is its flexibility and I don't want to lose the benefits of root.

John M. Kuchta

Put a dev option in preferences to turn it off, and malware users will find ways to flip the switch. The solution is more phone manufacturers releasing the source code for their RILs and kernels so those who want to run custom ROMs like CyanogenMod can continue to do so.

It shouldn't even be a kernel mod. It's a one-line change in /etc/selinux/config to permanently disable SELinux.

abqnm

Except that is likely to be patched by the time it is released.

mickey4mice

One reason I left HTC M7 GPe was they took away /system writability, don't want to see this become an Android staple.

abqnm

Yeah all newer HTC devices are like this. You have to unlock the bootloader and flash a custom or modified stock kernel to restore /system write ability. I have a stock GPE M7 with a custom kernel and it is fantastic.

stan alessandrini

Justin case said in the post from chainfire that he is running 4.4.3 and this isn't present. Period. No issue with root apps.

NF

I wonder if the NSA is working with other companies to remove vulnerabilities.

Matthew Fry

If they are, I doubt anyone wants to talk about it. The only reason we know is because of AOSP.

CoreRooted

That isn't entirely accurate. Many of us have known for years of the NSA's contributions to Linux (SELinux, many parts of AppArmour, etc). They have been known from time to time to involve themselves in other open source projects also. Sometimes it's 1 or 2 developers that work with the NSA, and at other times it can be an entire team.

C3

Why are we allowing NSA boy Stephen smalley to even add these changes.. As group can't he be overridden and these changes removed.. I don't understand why this is even being allowed to happen.. Oh yea..

Satan’s Taint

Ahh I knew the Alex Jones paranoid douchebags would be out in force spreading their idiocy.

MattEden

While without having any background in this specific issue I tend to shy away from conspiracy theories it's a bit strange to me to see these comits by an NSA member. Could you give me a summary of this and Alex Jones so I'm a bit more informed and can do more indepth research?

greg

AOSP is completely open source. If the NSA was trying to insert a backdoor into your phone, this is a pretty stupid way to do it, as it would be very difficult to hide it.

MattEden

Sure, sure I get that. It'd be very obvious with the thousands of people working on it. But why would Stephen Smalley even bother working on the AOSP in an official capacity within the NSA? I feel that's outside of their mission.

I just happened to post this on the G+ thread a few minutes ago, and it seems fitting, so I'll add it here as well. Please forgive the fact that it was obviously written for some of the less reasonable commenters.

"Frankly, I think the wrong viewpoint is being given to the contributions from an NSA developer. Despite the negative opinions about the NSA, some of which may be deserved, this particular submission makes plenty of sense. Remember that the NSA concerns itself with national security. While they might have an interest in maintaining access to information, they are also interested in making us less susceptible to attacks and spying from the outside.

Hate the NSA if you will, but not everything that comes out of there is pure evil."

"The Information Assurance mission confronts the formidable challenge of preventing foreign adversaries from gaining access to sensitive or classified national security information."

MattEden

Thanks for the reply. I'm most definitely not in the more "circle-jerky" side of the anti-NSA camp and prefer to take a more nuanced view point on them than many these days it just came off as weird to me but thinking about it some and reading your post I can see it falling under their umbrella. And regarding those "less reasonable comments"; I can only imagine.

fuckusa

Faggot, go suck the first Negro dick and pretend it is your presidents one.

deltatux

Because SELinux originated from the NSA, he's the main author who ported SELinux to Android and is open source? Please stop jumping to conclusion without merit.

You realize that heart bleed became known BECAUSE it's open source, right? Your argument is invalid.

ParanoidtinfoilnotNSAimplant

after 2 years....which is a lot of time given to exploit millions of people. (NSA probably did)

PhilNelwyn

And...?
There was no problem?

Björn Lundén

Unlike OpenSSL, the code for SELinux is actually fairly readable and has been scrutinized by many Linux kernel developers. OpenSSL would also be a much better target.

abobobilly

File managers are getting affected the most. NOT COOL man :S

supremekizzle

Fuck that. I need xposed to fix the shit that manufactures can't get right. I'll stay on 4.4.2 forever...

El_Big_CHRIS

exactly what i thought when i read the title.

ThomasMoneyhon

Exactly. I hate that AT&T text that's in the top left of my phone, taking away a good 2-3 notification icons from being visible, amongst other crap. Gravity box for the win.

greg

if you read the article, it says that Xposed modules will probably need to have some of their code changed, but the Xposed Installer and its API will be largely unaffected.

Sac Bunt Chris

Didn't know they did that. How obnoxious.

M.L.

Please read the article again, thanks.

grumpyfuzz

4.4.3* :p

Fer

Android is full of problems, it's hard to use and lags a lot, I just don't get why is the most used, it's definitely like IOS, but for poor cheap people

kjhdfnsk

If you think Android is "hard to use", you're catastrophically stupid.

Mystery

You're probably comparing a budget device running Android to a high-end device like the iPhone. Most high-end Android devices, and even Nexus devices (mid price-range), do not lag. iOS is more like Android....didn't iOS just get quick access to settings last year?

usamaisawake

That's quite a generalization to make, "full of problems," and "poor cheap people."

First, the fact that Android is given away relatively free and on many different manufacturers has created a race to the bottom leading to some phones which, while smart, do not offer great experiences. But they are a boon for people around the world that live on much less than most of us in developed nations do. For them, whatever slow/laggy experience they have, they're grateful for the capabilities it brings. I gave my Nexus S to my father-in-law in India and he absolutely loves it to this day. I've offered to upgrade him but he does not feel the need to upgrade.

However many rich, educated, spend happy people purchase Android phones. Like every other month. If I wasn't married I'd be buying a lot more than the one/year my wife allows. Why? Android is actually easier to use than iOS, for me. Android is rarely laggy but I am not allergic to lagging so I guess I'm able to survive the occasional lag. For this apparently fatal flaw I get an OS that is basically a full blown computer. I can download torrents while transferring files to a USB drive plugged into the phone (an OTG USB). Android allows me to truly enjoy a post-PC era.

As for problems on iOS. I really wish they'd allow multiple users in iOS, maybe they'll announce that next week. It really isn't hard.

It also doesn't "fuck up" Xposed in any way. It never wrote files to /system while Android was running and is more about hijacking Dalvik calls which remain unaffected by this change.

Maybe you should take the time to understand how the things you are complaining about works before doing so.

usamaisawake

For those that need root, couldn't the builders of CyanogenMod and other such ROMs take out those pieces of Android? I no longer root (love my Moto X to pieces), and I can see the value this brings to security, but I feel for my Android using brothers and sisters who do need root. I wonder if they couldn't create a business-oriented Android.. without someone using the word fork.

Björn Lundén

Sure, anyone building AOSP, CM or any other ROM could just revert the commits. I doubt we'll do so in CM though as these are important security fixes.

I’m sorry

Nice thumbnail.

Kalpik Nigam

Worst affected will be adblock apps like adaway :(

Björn Lundén

Those will still work but would require a reboot to update the list of blocked hosts (ie. when they update /etc/hosts). Is that really such a problem though?

Cuvis

Well, fuck that noise. If this goes live, and there's no workaround, I'll be looking for another phone OS. Wonder how FirefoxOS or Ubuntu would do...

ciasaboark

Are they disabling the ability to remount /system? If not, its pretty trivial to mount as read/write, do the changes, then remount as read-only.

Well if this is going to happen it really sucks. Hopefully there's a workaround. I'd happily trade added security over the current level for the ability to have stuff mess with /system. Getting malware, on anything, really comes down a large portion of the time, to having let yourself be tricked into doing something. It doesn't just spontaneously appear on your phone. Know the red flags in stuff you open and browse and there's no reason to worry.

deltatux

Stephen Smalley is one of the lead researchers who ported SELinux to the Android platform. Him and his colleagues have written a fairly long academic paper about SELinux for Android. It's a shame that his contributions have only been noted here that he's just another NSA employee without discussing his importance.

I would say he's so important to the Android community as Chainfire.

diensa

So what, someone who works fort the devil can not be trusted.... By accepting these patches you also accept US policy tot be legit. The US of A should be nuked.

Lolz

Oh please, find a different operating system then, clown. Guy makes a couple patches to an open operating system and the whole entitled bunch of power users acts like it's some personal attack or in this little man's case, some extension of US policy.

Cuvis

Who let the Alex Jones crowd in here?

SillyMuslimTechnologyIsn’tForU

Don't you have an explosive vest to wear today?

CoreRooted

Better stop browsing the Internet now then... The NSA developed SELinux in the first place AND SELinux is present on nearly 90% of all Linux distributions today. That includes most web servers that you access. So... good luck with your little nuking quest.

Nick Cannon

Hey Google! I can't buy more apps/games as it is because my phone if full. Please stop restricting my purchases! Can't install apps to the cloud.

Wilberth Barrantes

Is the same with the jailbreak...
Its just to be pacient
Is the same
Root and jailbreak are a bussines
Doesnt work if they close

That aspect hasn't strictly changed. Xposed already required a restart to install, and it fundamentally doesn't require write access to /system for regular operation. However, any module that tries to write to /system will still have to work around the same restrictions as other root apps.

On a somewhat related point, Xposed is still incompatible with ART (unless that changed in the last 2 weeks and I missed it). There's a lot of evidence to suggest that ART will become the new default runtime in the next release of Android. I'm not sure yet if Dalvik will be removed entirely, or just left as a backup. So, coincidentally, this security fix is going to come at the same time as ART becomes the default. In either case, you might run into more than one roadblock with the next release.

Fatal1ty_93_RUS

Google is not stupid enough to remove Dalvik altogether and break apps and games that don't support ART yet

This engaging article is a needed corrective, a whirlwind tour of the
latest developments in Android, Android Open Source, Root apps, and
other fields…Cody Toombs make a compelling case for optimism over dread
as we face the exhilarating unknown.

Ahmad Nadeem

This can be overcome via Custom Kernels if I remember. So it will really benefit people not that into root, which translates to a majority of android users

someone755

Anyone else thinking that all these security things are bullshit?
Just root the phone, it's the best security you can get. That and having some common sense when installing apps.

Thales

So you're telling me that a NSA employee is trying to make my phone more secure?

See? I told ya Google is closing the OS down. Sooner or later it will be like iOS with months of jailbreak waiting

James_C_L

Maybe this is where Google silver comes into play? A dev edition of each device

montahchos

First nexus program.
Then the apps drawer.
and then root capabilities.

ok google
don't be E-pple

Matthew Fry

How is this a massive improvement to the security of our devices when it only matters when the device is rooted (small percentage of devices) and we have a solid program (superSU/Superuser) monitoring any attempts to gain root access? It's not like we didn't know that our rooted devices could be exposed to malware if we do something stupid.

I don't want to sound like a conspiracy theorist here but, this seems rather targeted at power users, unless there's a segment of the Android user base I don't know about that roots their phones and sideloads crap and doesn't know what they're doing.

There are legitimate reasons to have write access to /system and the smart people are either going to find out how to circumvent it or disable the security altogether. What was gained? If they're so concerned about giving root access to phones, standardize the rooting process and make the user choose as part of setup. System administrators can lock it down when needed and regular users can turn it off given proper understanding of what it is.

This has less to do with securing against users who have intentionally rooted a device and more about protecting users from malware that exploit vulnerabilities in software installed on the device. Just because a device isn't already rooted, it doesn't mean malicious apps can't take advantage of a weakness and acquire the privileges to do serious damage.

Many of the early root methods relied on taking advantage of software added by OEMs or carriers. Most of those apps were installed to /system, therefore they ran at elevated permissions and made desirable (and easy) targets. The root tool would exploit some weakness, use it to acquire write access to /system, and then install su.

To say that tighter security (of the /system partition) only matters when a device is rooted is like saying that you only need an alarm in your home when somebody is breaking in.

Testraindrop

So, nothing will change for all of us on Nexus + custom builds, as always?

Poor guys with locked Bootloaders, will not be as easy to flash a custom kernel with /system write access.

Might be a good time to avoid such restricted phones...

CoreRooted

These two things have nothing to do with each other though. Also, /system write access will be available through recovery.

hp420

This would mean no more sms and call log restoring :( That's especially sad since I've been using a running backup of my call and text logs that goes back about 4 years. When I get a new phone I back up my stuff on my old phone and restore it on my new one.

Toss3

You could still do that via recovery; backup to a flashable zip, and then just boot into recovery and flash.

Kostas

you don't need system access to restore sms or logs

Björn Lundén

No, you are mistaken. No personal data is ever stored on /system. It's stored on /data.

That becomes pretty clear when you realize that a "factory reset" is just a format of the /data and /cache partitions.

hp420

I hope more people correct me.....3 just isn't enough still.

/s

Björn Lundén

One of them was kind of off-topic (talking about recovery when there was no need to). The other one I missed it seems.

At least you know it's likely true and not just something one person made up. :P

Craig

Policy?

Then just disable it, or better yet after it (yeah, you'd have to flash it... but, thats's fine).

Eesh

Does this mean motorola and HTC cannot update their apps(Boot services, contextual services) over Playstore like they used to later on?

Nothing to worry about, that process won't be affected. After updates to system apps are downloaded, they are installed to /data/app and the OS just knows to use those apks instead of the older versions located in /system/app.

Eesh

doesnt that mean those apks will lose system level access? Some apps have to be moved to the system to give them system level access right?

Björn Lundén

No, they retain the access they have already been granted as Android still consider them "system apps" if that's how they were originally installed.

No process in Android has ever required writing to /system while Android was running.

SE for Android development is done relative to the master branch of AOSP, with our remaining changes on a seandroid branch. If you want to work with the latest SE for Android code, you should clone the master branch of AOSP as your starting point. As the bulk of our changes have been merged to AOSP master, you can work directly with the AOSP master branch and not follow the remaining steps below if you only want to use the features and policy that have been merged to AOSP. You only need to follow the instructions below if you want our remaining changes that have not yet been merged to AOSP, such as the ability to assign seinfo values to third party apps, our middleware MAC mechanisms, or our policy configuration."

Further, SELinux is running in nearly every distribution of Linux currently. So, before you go tin-foil hat on us, realize that you have been using SELinux for quite awhile already every time you touch a Linux machine.

Ive told you guys, KIKAT was never a good update for Android. Google become Apple like and want to dominate corporate market aswell.

No problem ChainFire says is just put a custom kernel like recovery annnnd voilá! The kids are back!(Twisted Sister song).

rstat1

Yea because updates that bring improved performance are the worst things ever.

Daniel Collins

This is absolutely terrible. There is no security enhancement here, this just sucks. Damn you, Google.

Hary Ayala

“Those who surrender freedom for security will not have, nor do they deserve, either one.”― Benjamin Franklin

didibus

Just flash a custom rom and you'll be good to go. If you really want customization, that's all that's needed.

I'm sure people will just start making stock roms for your device who's only difference is a modified SELinux policy.

Wesley Modderkolk

These changes coincide really well with the change in UI. To me it seems like this will happen to a Google build of Android, doesn't necessarily need to be AOSP.

It's a great addition for people who figured out root but have no idea what it actually is or what to use it for. People who screw around with their device without knowing what they are doing.

Honestly, it doesn't seem to be that hard to build a ROM(don't ask me to do it, though) without this change, so I don't see what the issue is.

Heimrik

Is it just me? Or is Android very slowly but surely becoming Apple iOS? Tweaking things here and there that chip away the very functions that make Android so much better than iOS? Destroying things like external storage, more sealed batteries, restricting permissions for system writing to SD cards, bootloader locking, and now this? Its getting a little concerning....

rstat1

No. Android is no where near being anything like iOS. For starters it's not made by company stupid enough to think they invented all of the crap they rip off.

Björn Lundén

Yes, it's just you. Android is becoming more mature and Google has recently focused more on security, which is a good thing. This change improves security without affecting most things people use rooting to achieve. Sure, a few things will now require a reboot to do but there are very few good reasons to be able to write to /system while Android is running, that I can think of anyway.

Android is still much more capable than iOS and will always remain so. The change to remove the ability for apps to access the external sdcards was a bit weird though, I agree.

The rest of the things you complain about, more sealed batteries and bootloader locking have nothing to do with Google or Android. The manufacturers have noted that people like well-built devices and it has become one of the ways for manufacturers to differentiate. That is easier to do with a sealed battery in many cases and it allows for some designs that wouldn't be possible without it (like the HTC One m8). People also tend to change phones for other reasons before the decrease in battery life becomes an issue. For those who want removable batteries there are still plenty of choice.

Locking of bootloaders is mostly something carriers (in particular certain US carriers) are pushing for. Most flagship devices are now sold with unlockable bootloaders or in a special versions with unlockable bootloaders so that's not an issue either.

czr

Google is turning into apple!!! Thats the whole reason i do t use iphone no flexability and now google will be the same. If they do this i will go back to apple they are higher quality and less fragment

alexg

This is very unfortunate as it takes away a top 5 reason to root your phone - the ability to remove bloatware apps!

CoreRooted

No, it doesn't. It does, however, limit the apps that you can freeze. You can still turn off most of the bloatware by going into the settings for that app and disabling it without requiring root at all.

You can still disable apps, just like you always could. If you need to get rid of them, there will be apps that construct a flashable zip and restart the phone into recovery mode. You haven't lost any of this functionality, you just have to restart the phone one time.

wow these comments, people acting like root, flashing and xposed are a god given right because android is 'open', i would have thought a big security upgrade like this would be welcomed, after all since people dropped the whole fragmentation thing the biggest go to anti-android comment is that its an unsecure malware ridden place, even the smallest malware story makes the 6o'clock news still.
People expect malware on android which in my experience has never been the case unless your an idiot so anything that puts the idiots at rest is a boom

KitKatConsumer

you're absolutely right in, now the only way to make significant changes is through recovery using a custom updater script, otherwise it is impossible to make changes to / system